update versions

This commit is contained in:
David Lord 2024-04-06 16:19:04 -07:00
parent b348e4e96f
commit 9907209138
No known key found for this signature in database
GPG key ID: 7A1C87E3F5BC42A8

View file

@ -9,8 +9,8 @@ jobs:
outputs: outputs:
hash: ${{ steps.hash.outputs.hash }} hash: ${{ steps.hash.outputs.hash }}
steps: steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with: with:
python-version: '3.x' python-version: '3.x'
cache: pip cache: pip
@ -23,9 +23,8 @@ jobs:
- name: generate hash - name: generate hash
id: hash id: hash
run: cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT run: cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with: with:
name: dist
path: ./dist path: ./dist
provenance: provenance:
needs: [build] needs: [build]
@ -34,7 +33,7 @@ jobs:
id-token: write id-token: write
contents: write contents: write
# Can't pin with hash due to how this workflow works. # Can't pin with hash due to how this workflow works.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
with: with:
base64-subjects: ${{ needs.build.outputs.hash }} base64-subjects: ${{ needs.build.outputs.hash }}
create-release: create-release:
@ -45,12 +44,12 @@ jobs:
permissions: permissions:
contents: write contents: write
steps: steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: create release - name: create release
run: > run: >
gh release create --draft --repo ${{ github.repository }} gh release create --draft --repo ${{ github.repository }}
${{ github.ref_name }} ${{ github.ref_name }}
*.intoto.jsonl/* dist/* *.intoto.jsonl/* artifact/*
env: env:
GH_TOKEN: ${{ github.token }} GH_TOKEN: ${{ github.token }}
publish-pypi: publish-pypi:
@ -64,8 +63,11 @@ jobs:
permissions: permissions:
id-token: write id-token: write
steps: steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- uses: pypa/gh-action-pypi-publish@f946db0f765b9ae754e44bfd5ae5b8b91cfb37ef - uses: pypa/gh-action-pypi-publish@68e62d4871ad9d14a9d55f114e6ac71f0b408ec0 # v1.8.14
with: with:
repository-url: https://test.pypi.org/legacy/ repository-url: https://test.pypi.org/legacy/
- uses: pypa/gh-action-pypi-publish@f946db0f765b9ae754e44bfd5ae5b8b91cfb37ef packages-dir: artifact/
- uses: pypa/gh-action-pypi-publish@68e62d4871ad9d14a9d55f114e6ac71f0b408ec0 # v1.8.14
with:
packages-dir: artifact/